Hardware Backdooring is practical

Jonathan Brossard (Toucan System)

14/11/2012

Whitepaper

http://www.toucan-system.com/research/

blackhat2012_brossard_hardware_

backdooring.pdf

Slides

DISCLAIMER

We are not « terrorists ». We won't release our PoC backdoor.

The x86 architecture is plagued by legacy. Governments know. The rest of the industry : not so much.

There is a need to discuss the problems in order to find solutions...

This is belived to be order of magnitudes better over existing backdoors/malware

Agenda

Motivation : state level backdooring ?

Coreboot & x86 architecture

State of the art in rootkitting, romkitting

Introducing Rakshasa

Rakshasa design

Why cryptography (Truecrypt/Bitlocker/TPM) won't save us...

Backdooring like a nation state

Who am I ?

-Security researcher, pentester

-First learned asm (~15 years ago)

-Presented at Blackhat/Defcon/CCC/HITB...

-Master in Engineering, master in Computer Sciences

-Co organiser of the NoSuchCon Conference (Paris)

Likes : Unix, network, architecture, low level, finding 0days (mem corruptions).

Dislikes : web apps, canned exploits.

-Super pure English accent (French, learned English in India, lives in Australia... ;))

FUD 101

Could a state (eg : China) backdoor

all new computers on earth ?

More introductory material

Enough FUD...

A bit of x86 architecture

State of the art, previous work

Previous work

Early 80s : Brain virus, targets the MBR

80s, 90s : thousands of such viruses

2007, John Heasman (NGS Software) Blackhat US: backdoor EFI bootloader

2009, Anibal Saco and Alfredo Ortega (Core security), CanSecWest : patch/flash a Pheonix-Award Bios

2009, Kleissner, Blackhat US : Stoned bootkit. Bootkit Windows, Truecrypt. Load arbitrary unsigned kernel module.

2010, Kumar and Kumar (HITB Malaysia) : vbootkit bootkitting of Windows 7.

Piotr Bania, Konboot : bootkit any Windows (32/64b)

2012 : Snare (Blackhat 2012) : UEFI rootkitting

Introducing Rakshasa

Goals : create the perfect backdoor

Persistant

Stealth (0 hostile code on the machine)

Portable (OS independant)

Remote access, remote updates

State level quality : plausible deniability, non attribution

Cross network perimeters (firewalls, auth proxy)

Redundancy

Non detectable by AV (goes without saying...)

Main idea (1/3)

Typical Corporate

Network

Main idea (2/3)

How things are

supposed to work

Main idea (3/3)

What is really going to happen

Rakshasa : Design (1/2)

Core components :

-Coreboot

-SeaBios

-iPXE

-payloads

Built on top of free software : portability, non attribution, cheap dev (~4 weeks of work), really really really hard to detect as malicious.

Supports 230 motherboards.

Rakshasa : Design (2/2)

Flash the BIOS (Coreboot + PCI roms such as iPXE)

Flash the network card or any other PCI device (redundancy)

Boot a payload over the network (bootkit over https)

Boot a payload over wifi/wimax (breach the network perimeter, bypasses network detection, I(P|D)S )

Remotely reflash the BIOS/network card if necessary

Rakshasa architecture (1/2)